Design And Implementation Of Application-oriented Trusted Function Interface

Nowadays,with the rapid development and progress of computer information technology,information technology has been closely related to our production and life.The responsibility of information security protection is to construct and maintain the security ecosystem of information society.Trusted computing technology is an important technical means to ensure the security of computer equipment.Domestic Trusted computing technology needs to rely on the hardware cryptography support of the Trusted Cryptography Module(TCM)security chip,and TCM needs to refer to "Information Security Technology--Function and Interface Specification of Trusted Computing Cryptography Support Platform" in engineering application.After researchers found that,in the application layer software development,using the specification defined in the interface function can be a problem with ease of use is not high,mainly displays in three aspects: first,the context attribute set and context strategy management has greatly increased the complexity of the interface to use,for the trusted computing software developers in the field of difficult to understand and use;Secondly,TCM resource object recovery is released one by one by manually calling the resource release interface function,which may miss the release of TCM resources.Thirdly,many interfaces have too many parameters in the parameter table,which makes it inconvenient to code the interface when it is called to the upper application.In order to optimize the above problems,the interface function defined in Information security techniques-Functionality and interface specification of cryptographic support platform for trusted computing is developed,and the design and implementation of TCM interface program is more suitable for application layer,and the reference program and application case of the newly defined interface function are given.The main research contents of this paper are as follows:(1)The interface defined in the specification is analyzed,and the overall architecture of the interface design of TCM oriented to the application layer is proposed.The overall architecture is responsible for specific functions according to the interface,so as to realize the re-encapsulation of the interface functions of the class to the interface,making the boundary between the interface class and the interface function clearer.(2)An application-oriented context management and TCM resource recovery mechanism is designed.These mechanisms,acting on the new interface functions,can effectively reduce the number of parameters in the parameter table,improve the ease of use of interface functions and the performance of TCM resource recovery.(3)Designing and implementing the application interface,and carrying outexperimental tests on ten commonly used functions to judge whether the functional usability of the interface functions achieved meets the basic requirements,and analyze the ease-of-use and performance changes of the interface functions according to the experimental results.(4)Based on specific application layer cases,a set of TCM function demonstration platform software is designed and implemented to realize the practicability test of the interface program proposed in this paper.The application-oriented trusted function interface program has achieved the goal of reducing the ease of use of the application-oriented TCM interface,provided a set of practical interface library programs for TCM application-oriented programs,and made some positive help for promoting the spread and engineering application of TCM.